Proceedings of the 15th International Conference on Availability, Reliability and Security: latest papers

Exploring data leakage in encrypted payload using supervised machine learning
Amir Khaleghi Moghaddam, A. N. Zincir-Heywood
Abstract: Data security includes but not limited to, data encryption and key management practices that protect data across all applications and platforms. In this paper, we aim to explore whether any data leakage takes place in data encryption when encrypted data is analyzed using supervised machine learning techniques. To this end, we analyze four encryption algorithms with different key sizes using five supervised learning techniques on two different datasets. The results show that as the encryption algorithms get stronger, the data leakage decreases, even though the data leakage is never zero percent.
DOI: https://doi.org/10.1145/3407023.3409216
Published: 2020-08-25
Citations: 0

Network covert channels detection using data mining and hierarchical organisation of frequent sets: an initial study
P. Nowakowski, Piotr Żórawski, Krzysztof Cabaj, W. Mazurczyk
Abstract: Currently, malware developers are increasingly turning their attention towards various types of information hiding techniques to conceal their malicious actions on the compromised machine or the network. One group of such mechanisms are network covert channels (CCs) which utilize subtle modifications to the legitimate network traffic to carry secret data. Unfortunately, nowadays no general detection approach exists that is able to fight covert communication in an efficient and scalable manner. On the contrary, typically for a given information hiding technique a dedicated detection solution is devised. That is why, in this paper we investigate possibility to utilize data mining approach to detect network covert channels: both distributed and undistributed. Specifically, we propose to rely on the hierarchical organisation of frequent sets discovered by the data mining algorithm and use it together with an outlier detection-based traffic classifier. Initial performance results reveal that the proposed solution has potential but it needs to be further evaluated in more realistic scenarios.
DOI: https://doi.org/10.1145/3407023.3409217
Published: 2020-08-25
Citations: 6

Memory corruption attacks within Android TEEs: a case study based on OP-TEE
Fabian Fleischer, Marcel Busch, Phillip Kuhrt
Abstract: Many security-critical services on mobile devices rely on Trusted Execution Environments (TEEs). However, due to the proprietary and locked-down nature of TEEs, the available information about these systems is scarce. In recent years, we have witnessed several exploits targeting all major commercially used TEEs, which raises questions about the capabilities of TEEs to provide the expected integrity and confidentiality guarantees. In this paper, we evaluate the exploitability of TEEs by analyzing common flaws from the perspective of an adversary. We provide multiple vulnerable TEE applications for OP-TEE, a reference implementation for TEEs, and elaborate on the steps necessary for their exploitation on an Android system. Our vulnerable examples are inspired by real-world exploits seen in-the-wild on commercially used TEEs. With this work, we provide developers and researchers with introductory knowledge to realistically assess the capabilities of TEEs. For these purposes, we also make our examples publicly available.
DOI: https://doi.org/10.1145/3407023.3407072
Published: 2020-08-25
Citations: 7

IoT dataset generation framework for evaluating anomaly detection mechanisms
Andreas Meyer-Berg, Rolf Egert, Leon Böck, M. Mühlhäuser
Abstract: Machine learning based anomaly detection mechanisms are a promising tool to detect and protect networks from previously unknown attacks. The quality of those mechanisms strongly depends on the availability of large amounts of data for their training and evaluation. However, suitable datasets are scarce, as they are rarely shared by those who possess them. This impedes progress in the development and deployment of sophisticated machine learning mechanisms. This paper aims to accelerate this thwarted development process by introducing a network simulation framework for training-data generation and evaluation of data-driven mechanisms, like anomaly detection approaches. The framework enables training, testing, and evaluating data-driven approaches in a safe and extensible environment prior to their deployment in real-world systems. We showcase the capabilities of the framework in a case study. For this, a smart home network is modeled and simulated within the framework. The generated data is used to train an anomaly detection approach, which is then used to detect various anomalies introduced by attacks on the network. This ability to train and evaluate data-driven algorithms within the framework allows users to accelerate the otherwise time-consuming cycle of deploying, modifying, and re-training in live environments, which ultimately advances the development of novel anomaly detection approaches.
DOI: https://doi.org/10.1145/3407023.3407036
Published: 2020-08-25
Citations: 2

MP2ML: a mixed-protocol machine learning framework for private inference
Fabian Boemer, Rosario Cammarota, Daniel Demmler, T. Schneider, Hossein Yalame
Abstract: Privacy-preserving machine learning (PPML) has many applications, from medical image classification and anomaly detection to financial analysis. nGraph-HE enables data scientists to perform private inference of deep learning (DL) models trained using popular frameworks such as TensorFlow. nGraph-HE computes linear layers using the CKKS homomorphic encryption (HE) scheme. The non-polynomial activation functions, such as MaxPool and ReLU, are evaluated in the clear by the data owner who obtains the intermediate feature maps. This leaks the feature maps to the data owner from which it may be possible to deduce the DL model weights. As a result, such protocols may not be suitable for deployment, especially when the DL model is intellectual property. In this work, we present MP2ML, a machine learning framework which integrates nGraph-HE and the secure two-party computation framework ABY, to overcome the limitations of leaking the intermediate feature maps to the data owner. We introduce a novel scheme for the conversion between CKKS and secure multi-party computation to execute DL inference while maintaining the privacy of both the input data and model weights. MP2ML is compatible with popular DL frameworks such as TensorFlow that can infer pre-trained neural networks with native ReLU activations. We benchmark MP2ML on the CryptoNets network with ReLU activations, on which it achieves a throughput of 33.3 images/s and an accuracy of 98.6%. This throughput matches the previous state-of-the-art work, even though our protocol is more accurate and scalable.
DOI: https://doi.org/10.1145/3407023.3407045
Published: 2020-08-25
Citations: 80

Denial of sustainability on military tactical clouds
J. M. Vidal, Marco Antonio Sotelo Monge
Abstract: As the digitalization of the military conflicts increases, gaining decision superiority become the key to enhance the likelihood of success, which among others is enabled by bringing to the tactical edge emerging ICT paradigms like advanced data fusion, Artificial Intelligence, distributed computation or end-to-trust. Based on them, Tactical Clouds will allow the provisioning of C3 services for enhancing the development of the tactical pillars of modern join military operations, like Intelligence, Surveillance, Situational Awareness, or support to decision-making. But the adoption of new technological enablers bring novel and unexplored challenges that when no remediated, may jeopardize the operability of the digital tactical assets, being the cyber defence an essential cornerstone for their safeguarding. In these grounds, the main purpose of the conducted research is to review and analyze the denial of sustainability problem on tactical combat clouds; which entails a rara avis topic on the existing bibliography among other due to the novelty, secrecy and low level of technological maturity on their related digital enablers. The research presents and scoping action that developed the following secondary objectives: 1) to frame the denial of sustainability threats on the emerging Tactical Cloud paradigm; 2) to formalize the Tactical Denial of Sustainability (TDoS) concept; 3) to introduce the phasing, potential attack surfaces, terrains and impact of TDoS attacks; 4) to illustrate heterogeneous CONOPS that facilitate the understanding of TDoS; and 5) to raise and encourage the development of further research topics and actions.
DOI: https://doi.org/10.1145/3407023.3409226
Published: 2020-08-25
Citations: 8

A case study on the representativeness of public DoS network traffic data for cybersecurity research
Marta Catillo, A. Pecchia, M. Rak, Umberto Villano
Abstract: The availability of ready-to-use public security datasets is fostering measurement-driven research by a wide community of academics and practitioners. Recent trends in this area put forth a substantial body of literature on anomaly and attack detection on the top of public labelled datasets. Much of this literature blindly reuses existing datasets by overlooking the cybersecurity facets of the network traffic therein, in terms of its real impact on service availability and performance of operations. This paper addresses the representativeness of network traffic data provided by public datasets for cybersecurity research. To this aim, it proposes an initial exploration of the topic by means of a case study on Denial of Service (DoS) traffic of CICIDS2017, which is a recent dataset collected in a controlled environment that gained massive attention over the past two years. DoS traffic, which is available in CICIDS2017 in the form of packet data files, is replayed against a victim server in a controlled testbed. Measurements indicate that the DoS traffic, although somewhat relevant at network-level, has limited impact at application-level (i.e., by taking into account the performance of the victim under attack). The findings provide some key insights into the limitations of the data assessed in the study, paving the way for the construction of more rigorous datasets conceived with a multilayer perspective and that reflect actual traffic conditions under normative operations and disruptive attacks.
DOI: https://doi.org/10.1145/3407023.3407042
Published: 2020-08-25
Citations: 3

Relaxation time in complex network
D. Lande, A. Snarskii, O. Dmytrenko, I. Subach
Abstract: New characteristics of nodes of network structures are proposed and researched in this work - the relaxation time of network and the individual relaxation time of node. The so-called decelerated iteration algorithms for HITS and PageRank are used to obtain the relaxation time. The relaxation time of network and the individual relaxation time of node were tested on the example of a weighted directed network of characters in the novel «Les Miserables». It was found that a topology of a network affects a relaxation of nodes after their perturbation. As a result of using relaxation time it was possible to identify the most important network components and rank them by the proposed characteristics. The resulted ranking compared to the ranking by HITS, PageRank and degree of nodes shows the uniqueness of the proposed relaxation time of network and individual relaxation time of node.
DOI: https://doi.org/10.1145/3407023.3409231
Published: 2020-08-25
Citations: 2

Detection and classification of slow DoS attacks targeting network servers
E. Cambiaso, M. Aiello, M. Mongelli, I. Vaccari
Abstract: Low-rate denial of service attacks are considered a serious threat for network systems. In this paper, we investigate such topic, by proposing a novel anomaly-based intrusion detection system. We validate the proposed system and report the weaknesses we have found. By working from the attacker's perspective, we also try to elude the proposed algorithm. Results show that in order to avoid detection, the attacker would require high-bandwidth to perpetrate the attack. The proposed method should therefore be considered an efficient method to detect running Slow DoS Attacks.
DOI: https://doi.org/10.1145/3407023.3409198
Published: 2020-08-25
Citations: 8

Stegomalware detection through structural analysis of media files
Damian Puchalski, L. Caviglione, R. Kozik, A. Marzecki, Sławomir Krawczyk, M. Choraś
Abstract: The growing diffusion of malware is causing non-negligible economic and social costs. Unfortunately, modern attacks evolve and adapt to defensive mechanisms, and many threats are designed for the optimal exploitation of the traits of the victims. Thus, phenomena such as mobile malware, fileless malware or stegomalware are becoming widespread and represent the next variations of malicious attacks that have to be faced. In particular, the massive amount of digital content shared on the Internet is increasingly more often being used by attackers for the injection of malicious code to bypass security tools or prevent detection. Therefore, in this paper we present an approach to reveal malware and other unwanted content appended to digital images. Specifically, we address the case of pictures compressed with the Graphics Interchange Format. Since such files are based on a well-defined standard, the anomalous data can be isolated by locating the end of the file. The advantage of this approach is its simplicity, allowing to have a scalable implementation for handling huge volumes of data.
DOI: https://doi.org/10.1145/3407023.3409187
Published: 2020-08-25
Citations: 8